Separation of Duties (SoD) is an internal control that prevents conflicts of interest by using role-based access controls. A common financial example is splitting work between two teams: one that receives cash from vendors and another that disburses money to vendors. By dividing these responsibilities across two teams, an organization prevents a single individual from completing a fraudulent transaction alone, lowering the chance of a crime. The record an organization keeps of an SoD violation, including every instance of that violation, is known as an SoD case.
Separation of duties enhances compliance by controlling and removing conflicting roles and by encouraging the examination of internal processes. Organizations reduce risk by restricting each user's access to only what that user needs. Ongoing auditing is also critical.
Organizations can anticipate SoD violations and find infractions using software tools and procedures, such as SoD risk assessments, backed by thorough audit controls.
SoD policies
SoD policies are the methods, standards, and rules a company establishes to ensure that security controls remain in place while it weighs operational efficiency and cost. In the past, organizations had to establish and administer these policies manually and audit them by hand to confirm compliance. This resulted in outdated and incorrect SoD policies, as well as higher costs for maintaining and fixing them. Through automation and analytics, companies can now quickly establish, manage, and audit their SoD policies.
Violations
A violation occurs when a user takes advantage of their access by engaging in activities that are banned by the company's policy or by the compliance rules it is subject to. It is even a violation for an employee to hold unnecessary access, because that access makes it easy for them to commit fraud.
When applied appropriately, SoD uses internal controls to prevent conflicts of interest and to increase security and compliance.
"SoD violation" and "SoD case" are often used interchangeably.
Both terms can refer to a single person or account that has broken an SoD policy. For example, an unauthorized person who creates, modifies, or removes roles has committed an SoD violation.
For each such detection, identity governance produces a new SoD violation case and notifies the SoD policy owner of the violation. The SoD case also tracks the actions users take in response to the violation. When the identity management system no longer detects the breach, the SoD case is closed. An SoD case is, in effect, the tracked history of an SoD violation from the moment it is first discovered until it is no longer detected.
Final Thoughts
Companies should have separation-of-duties (SoD) policies and identity management in place. SoD policies let you identify excessive rights and authorizations that might be granted to a single individual.
When your SoD policies are activated, identity governance monitors your system for violations and produces cases when they are discovered. SoD administrators can either permit the violation for a limited time or remove the user's access.
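The case lifecycle described under Violations (detect a conflicting role pair, open a case, notify the policy owner, track responses, close the case once the conflict is no longer detected) and the two administrator responses above (a time-limited exception or removing access) can be modelled in a few dozen lines. The following is an added example written for this article, not code from any identity governance product; the policy ids, role names and account names are constructed, and the `SOD-nnnn` case numbering is an assumption.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional, Set, Tuple

# Constructed SoD policy set: each policy names a pair of roles that one
# account must never hold at the same time. Ids and role names are made up.
SOD_POLICIES: Dict[str, Tuple[str, str]] = {
    "P-001": ("cash_receipts", "vendor_payments"),  # receive cash vs. pay vendors
    "P-002": ("role_editor", "role_approver"),      # edit roles vs. approve role changes
}


@dataclass
class SodCase:
    """One SoD case: the tracked life of a single violation, detection to closure."""
    case_id: str
    policy_id: str
    account: str
    opened_at: datetime
    closed_at: Optional[datetime] = None
    exception_until: Optional[datetime] = None  # set when an admin permits it temporarily
    activity: List[str] = field(default_factory=list)

    @property
    def is_open(self) -> bool:
        return self.closed_at is None

    def permitted_at(self, now: datetime) -> bool:
        return self.exception_until is not None and now < self.exception_until

    def log(self, now: datetime, note: str) -> None:
        self.activity.append(f"{now.isoformat()} {note}")


class SodCaseTracker:
    """Detects policy conflicts in role assignments and manages the resulting cases."""

    def __init__(self, policies: Dict[str, Tuple[str, str]]):
        self.policies = policies
        self.open_cases: Dict[Tuple[str, str], SodCase] = {}  # (policy_id, account) -> case
        self.all_cases: List[SodCase] = []
        self._seq = 0

    def conflicts(self, roles: Set[str]) -> List[str]:
        """Ids of policies whose two roles are both present in the given role set."""
        return [pid for pid, (a, b) in self.policies.items() if a in roles and b in roles]

    def evaluate(self, assignments: Dict[str, Set[str]], now: datetime) -> List[SodCase]:
        """One detection pass: open a case per newly seen conflict and close every open
        case whose conflict is no longer detected. Returns the cases opened or closed."""
        detected: Set[Tuple[str, str]] = set()
        changed: List[SodCase] = []
        for account, roles in assignments.items():
            for pid in self.conflicts(roles):
                key = (pid, account)
                detected.add(key)
                if key not in self.open_cases:
                    self._seq += 1
                    case = SodCase(f"SOD-{self._seq:04d}", pid, account, now)
                    case.log(now, f"opened: {account} holds both roles of {pid}; owner notified")
                    self.open_cases[key] = case
                    self.all_cases.append(case)
                    changed.append(case)
        for key in [k for k in self.open_cases if k not in detected]:
            case = self.open_cases.pop(key)
            case.closed_at = now
            case.log(now, "closed: conflict no longer detected")
            changed.append(case)
        return changed

    def grant_exception(self, case_id: str, days: int, now: datetime) -> SodCase:
        """Admin response 1: permit the violation for a limited time; the case stays open."""
        case = self._open_case(case_id)
        case.exception_until = now + timedelta(days=days)
        case.log(now, f"exception granted until {case.exception_until.isoformat()}")
        return case

    def remove_role(self, assignments: Dict[str, Set[str]], case_id: str,
                    role: str, now: datetime) -> None:
        """Admin response 2: remove one conflicting role; the next evaluate() closes the case."""
        case = self._open_case(case_id)
        assignments[case.account].discard(role)
        case.log(now, f"role {role} removed from {case.account}")

    def _open_case(self, case_id: str) -> SodCase:
        for case in self.open_cases.values():
            if case.case_id == case_id:
                return case
        raise KeyError(f"no open case {case_id}")


def demo() -> Dict[str, object]:
    """Two detection passes over constructed assignments, with one of each admin response."""
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
    tracker = SodCaseTracker(SOD_POLICIES)
    assignments = {  # constructed: alice violates P-001, bob violates P-002, carol is clean
        "alice": {"cash_receipts", "vendor_payments"},
        "bob": {"role_editor", "role_approver", "helpdesk"},
        "carol": {"helpdesk"},
    }
    opened = tracker.evaluate(assignments, t0)
    tracker.grant_exception("SOD-0001", 30, t0)                         # alice: 30-day exception
    tracker.remove_role(assignments, "SOD-0002", "role_approver", t0)   # bob: access removed
    t1 = t0 + timedelta(days=1)
    changed = tracker.evaluate(assignments, t1)
    return {
        "opened": [c.case_id for c in opened],
        "still_open": sorted(tracker.open_cases.keys()),
        "closed_in_pass2": [c.case_id for c in changed if not c.is_open],
        "alice_permitted": tracker.open_cases[("P-001", "alice")].permitted_at(t1),
    }
```

The key design point is that a case is keyed by (policy, account) and is closed only by a detection pass that no longer sees the conflict, never by an administrator directly: granting an exception leaves the case open and merely records that it is tolerated until a date, so an expired exception is still visible as an open violation, while removing the conflicting role is what actually makes the next pass close it.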